Destroying evidence (was "About 5yr. log retention")
Jim Choate
ravage at EINSTEIN.ssz.com
Tue Dec 5 19:47:00 PST 2000
On Tue, 5 Dec 2000, Riad S. Wahby wrote:
> I'm curious how many people would buy the story that the machine in
> question fell victim to hackers who erased logs and other files in
> order to cover their tracks.
I think it would depend on circumstances. For something like this to be
taken seriously there would have to be other evidence of hacking. In
addition, remember that by now they've probably got your line tapped so
they'd have a sniffer copy of the hackers attack (assuming there was one).
Of course you could go otherwhere and attempt an attack yourself as an
alibi. You could probably wrap strategies like this one inside the other.
They would certainly tax patience and resources if done expertly.
Especially if one had some anonymous remailer/proxies thrown in the mix.
How I'd use this particular point would be from the police perspective.
I'd turn an associate and have them send an incriminating email,
testifying to same. Say wanting to buy a quantity of drugs. The LEA's
would of course have a sniffer log of that packet going into your machine.
When they arrested you they would then look in your machine and if it was
gone they could then demonstrate you destroyed evidence. This of course
also breaks the standard 'encrypt using PGP' point as well. In that case
the exchange of keys would demonstrate intent.
____________________________________________________________________
Before a larger group can see the virtue of an idea, a
smaller group must first understand it.
"Stranger Suns"
George Zebrowski
The Armadillo Group ,::////;::-. James Choate
Austin, Tx /:'///// ``::>/|/ ravage at ssz.com
www.ssz.com .', |||| `/( e\ 512-451-7087
-====~~mm-'`-```-mm --'-
--------------------------------------------------------------------
More information about the cypherpunks-legacy
mailing list